Apply Now

Senior Principal Cyber DevOps Engineer

San Diego, CA, USA | BAE Systems

  • Industry:
    Airlines/Aviation/Aerospace
  • Position Type:
    Full-Time
  • Functions:
    IT / Information Technology
  • Experience:
    7-10 years
Job Description:
48 people have viewed this job

The GXP and AGS teams develop innovative sensor data processing and analytics software products and services. Our team has grown significantly since 2002, increasing revenue by 10x and greatly increasing the size of the team. We have facilities in San Diego California, Rome New York, and Durham North Carolina.


The Engineering Support team for AGS is responsible for a number of common resources and capabilities that a member of the team is expecting to often support. This requires a candidate to be flexible, a superior problem solver; enjoy learning, creating, and implementing new technology and processes.


The Engineering Support team is specifically responsible for the following areas in AGS

Enterprise Engineering DevOps

Cloud Engineering DevOps and DevSecOps

AppSec

Modeling and Simulation


A candidate will be supporting our cloud dev operations by helping to roll out security changes via configuration, scripting, or AWS service. Additionally they will take part in penetration testing events.


A candidate can grow with their interests into other areas of the Engineering Support team or development.


A successful candidate must demonstrate:

An education background in software, computer engineering, or IT

An understanding of how to provide security solutions that balance security and efficient development

An understanding of how to move between technologies and scripting languages as well as learn new ones with ease

A desire to work with, communicate, and assist developers and IT professionals

Enjoy urgency and change

An understanding of how to be a hero to your customers (Dev) by working with them to help them be more efficient and by describing (passively training) them on vulnerabilities and real world examples.


Required Skills and Education

8+ Years’ Experience with software development, computer management, network and computer security, application pen testing

Highly motivated and able to work well in both team and solo settings.

Familiar with common classes of software vulnerabilities / security bugs and how they are exploited, including both web-based attacks (injections, traversals, deserializations), and memory corruption attacks (BO, Heap exploitation).

Able to work under consultative direction toward long-range goals and objectives.

Experience developing solutions to problems of unusual complexity that require a high degree of ingenuity, creativity and innovativeness.

Able to face problems that are unique in the organization, and find solutions that may serve as precedent for future decisions.

Familiarity with NIST Special Publication 800-53

Excellent communication and interpersonal skills, and willingness to mentor other developers in secure software practices.

Humility, empathy, patience, a desire to learn, and help teammates learn.

US Citizenship

Bachelor's Degree in a computer related field


Preferred Skills and Education

Experience with Cloud Providers such as AWS or Azure

Familiarity with managing both Windows and Linux

Experience with cloud automation via configuration such as cloud formation or Terraform

Experience with scripting or programming languages and automation

Experience with asset and user management of a computer network

BS and 8+ years, or MS and 6+ years of professional engineering experience in Software or Systems Engineering

CISSP, CSSLP, or OSCP certified (or better: OSCE, OSEE)

Experience with Federal cybersecurity accreditation processes and standards (DIACAP, RMF, CJIS, etc)

Experience creating security accreditation packages

Experience designing and implementing secure cloud environments (AWS)

Experience designing, documenting, and implementing multi-faceted security solutions that include technological, administrative, and procedural controls.

Pen testing experience and experience leading or coordinating a team of pen testers.

Bug hunting / Bug bounty experience; experience discovering and validating security bugs and developing proof-of-concept software exploits against a single application. Multi-system web application bug hunting experience is a plus.


Other companies hiring with Ivy Exec

 Company Logos